Netgear M5300-52G3 Command Line Interface (CLI) User Manual - Page 496
IP Standard ACL, IP Extended ACL
View all Netgear M5300-52G3 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 496 highlights
ProSafe Managed Switch positions that are not used. In contrast, a wildcard mask has (0's) in a bit position that must be checked. A '1' in a bit position of the ACL mask indicates the corresponding bit can be ignored. access-list This command creates an IP Access Control List (ACL) that is identified by the access list number, which is 1-99 for standard ACLs or 100-199 for extended ACLs. IP Standard ACL: Format Mode access-list {deny | permit} {every | } [log] [rate-limit ][assign-queue ] [{mirror | redirect} ] Global Config IP Extended ACL: Format Mode access-list {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | } [{eq { | } [{eq {| }] [precedence | tos | dscp ] [log] [rate-limit ] [assign-queue ] [{mirror | redirect} ] Global Config Parameter Description or Range 1 to 99 is the access list number for an IP standard ACL. Range 100 to 199 is the access list number for an IP extended ACL. {deny | permit} Specifies whether the IP ACL rule permits or denies an action. every Match every packet {icmp | igmp | ip | tcp | udp Specifies the protocol to filter for an extended IP ACL rule. | } Specifies a source IP address and source netmask for match condition of the IP ACL rule. [{eq { | }] Specifies the source layer 4 port match condition for the IP ACL rule. You can use the port number, which ranges from 0-65535, or you specify the , which can be one of the following keywords: domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www-http. Each of these keywords translates into its equivalent port number, which is used as both the start and end of a port range. Specifies a destination IP address and netmask for match condition of the IP ACL rule. Quality of Service (QoS) Commands 496